Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BejJRAvxSNv2DFWt3aTYOeZpIA8.roa
File: BejJRAvxSNv2DFWt3aTYOeZpIA8.roa (raw, json)
Hash identifier: GkN1X6OAfrnSnHZMY0xBXtlh7dDA5W6YAQ3oZYnZCEg=
Subject key identifier: 05:E8:C9:44:0B:F1:48:DB:F6:0C:55:AD:DD:A4:D8:39:E6:69:20:0F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018489D0F7B3B0093EE70203B7F13778A801
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BejJRAvxSNv2DFWt3aTYOeZpIA8.roa
Signing time: Fri 18 Nov 2022 08:18:04 +0000
ROA not before: Fri 18 Nov 2022 08:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 194.87.127.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:89:d0:f7:b3:b0:09:3e:e7:02:03:b7:f1:37:78:a8:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 18 08:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05e8c9440bf148dbf60c55addda4d839e669200f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:04:f1:a2:7b:93:b4:9a:7b:85:9d:52:30:3f:
0d:f1:c5:60:b5:e9:ef:c6:6a:ae:54:9e:cc:fc:0c:
42:a5:66:13:20:51:c4:0a:14:d6:84:e9:7d:d0:de:
f5:e3:47:ca:d7:63:c9:21:f6:df:66:37:73:2d:f4:
a0:95:64:ce:e1:33:0a:da:b9:ec:9b:10:82:0e:63:
61:2c:8e:83:cc:f3:2f:7a:c7:8a:8a:46:01:77:b2:
d4:c9:9b:7a:4e:d5:c4:4a:5a:9f:50:76:c0:c6:86:
e2:37:f1:fd:04:7a:6b:7f:8b:39:6f:18:12:92:1b:
54:65:59:4a:8e:33:5a:56:15:46:96:94:b8:21:3c:
c3:34:a1:8e:ea:5a:d2:4a:09:41:a6:71:00:4b:1a:
2b:13:17:f7:01:53:96:24:27:8a:46:1e:1b:fa:28:
c7:bf:be:c3:99:2b:f1:8f:fd:ec:a1:52:a3:0a:ef:
b5:be:9a:75:ec:01:60:7f:93:88:b1:76:ed:59:d4:
ba:56:62:11:37:63:82:b4:2b:4a:3a:4a:52:3b:a3:
06:41:b4:2d:b9:5a:ad:fe:77:36:0a:85:0f:b2:08:
1d:e1:76:3f:a1:87:ea:c2:1d:0c:c9:90:64:e6:4d:
33:42:95:69:07:f1:62:79:57:58:d4:36:23:9f:e8:
16:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E8:C9:44:0B:F1:48:DB:F6:0C:55:AD:DD:A4:D8:39:E6:69:20:0F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BejJRAvxSNv2DFWt3aTYOeZpIA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.72.0/24
194.87.127.0/24
Signature Algorithm: sha256WithRSAEncryption
36:f9:4f:97:8d:0f:d4:a9:82:cd:ac:3c:ca:2e:fa:b5:3a:83:
67:5d:2c:ed:c5:9f:e9:39:d8:e0:af:48:68:ea:49:3a:6c:b2:
fb:2d:58:d0:fb:b6:3c:a0:98:a5:5f:8e:80:65:45:63:e7:40:
2b:80:dc:5d:e3:1b:ec:37:d1:41:ba:59:4a:09:fb:3e:f5:78:
a0:4b:fc:24:6d:28:1d:f8:e2:a6:de:68:d5:04:5c:af:65:d7:
b2:50:62:1c:72:46:88:6b:6a:29:6d:cc:59:ca:6f:c2:ae:6a:
9e:6d:d6:16:84:b6:1d:d9:ad:23:ca:d1:02:08:db:cd:72:0a:
97:15:a9:4d:11:f1:e2:dd:4a:d0:8c:ab:9a:20:48:3b:97:0c:
7f:00:eb:96:3d:28:58:d7:9c:03:b5:dc:f1:aa:10:be:c8:4b:
2d:e0:a0:05:0f:33:5b:a4:52:ad:3d:c0:22:ca:24:72:00:cb:
ff:a2:a1:86:4c:4e:31:7d:35:0c:9c:07:b1:39:f8:b4:61:ce:
bc:72:be:9d:74:c4:62:a8:dd:31:0b:02:5f:56:80:d1:c1:4d:
fe:c2:61:97:dd:e3:cb:26:e9:7a:f2:bc:84:e3:6e:de:fb:e6:
84:2a:d6:f4:f4:0e:12:1d:b3:05:a5:a1:43:33:7b:7d:df:3d:
24:38:f7:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSJ0PezsAk+5wIDt/E3eKgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE4MDgxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWU4Yzk0NDBiZjE0OGRiZjYwYzU1YWRkZGE0ZDgzOWU2NjkyMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQTxonuTtJp7hZ1SMD8N8cVgtenv
xmquVJ7M/AxCpWYTIFHEChTWhOl90N7140fK12PJIfbfZjdzLfSglWTO4TMK2rns
mxCCDmNhLI6DzPMveseKikYBd7LUyZt6TtXESlqfUHbAxobiN/H9BHprf4s5bxgS
khtUZVlKjjNaVhVGlpS4ITzDNKGO6lrSSglBpnEASxorExf3AVOWJCeKRh4b+ijH
v77DmSvxj/3soVKjCu+1vpp17AFgf5OIsXbtWdS6VmIRN2OCtCtKOkpSO6MGQbQt
uVqt/nc2CoUPsggd4XY/oYfqwh0MyZBk5k0zQpVpB/FieVdY1DYjn+gWbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAXoyUQL8Ujb9gxVrd2k2DnmaSAPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQmVqSlJBdnhTTnYyREZXdDNhVFlPZVpwSUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldIAwQA
wld/MA0GCSqGSIb3DQEBCwUAA4IBAQA2+U+XjQ/UqYLNrDzKLvq1OoNnXSztxZ/p
Odjgr0ho6kk6bLL7LVjQ+7Y8oJilX46AZUVj50ArgNxd4xvsN9FBullKCfs+9Xig
S/wkbSgd+OKm3mjVBFyvZdeyUGIcckaIa2opbcxZym/CrmqebdYWhLYd2a0jytEC
CNvNcgqXFalNEfHi3UrQjKuaIEg7lwx/AOuWPShY15wDtdzxqhC+yEst4KAFDzNb
pFKtPcAiyiRyAMv/oqGGTE4xfTUMnAexOfi0Yc68cr6ddMRiqN0xCwJfVoDRwU3+
wmGX3ePLJul68ryE427e++aEKtb09A4SHbMFpaFDM3t93z0kOPfw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:58 2023 by rpki-client on console-fra.rpki-client.org